Re: [OT] key server is a great place for spammers?
Isaac Claymore wrote:
> Is it possible to inform the key server not to show my email address
> when people are searching it? Or, am I just overly paranoid on this ;)
Exactly... some people seem to be paranoid about this.
They hide their real e-mail address on newsgroups, do not publish it
anywhere. Spam is annoying, I know, but don't get paranoid.
I've recently installed bogofilter and I'm amazed with its results.
It's much better than my previous setup (spambouncer & spamassasin).
If you can - feed bogofilter and forget about spam.
I've collected 2000 spams and 2000 ham messages - enough for the initial
feed. (manual says about 10 000 messages, but friends told me that a few
hundred messages would be enough).
If it's already offtopic, here is my setup:
~/.procmailrc:
INCLUDERC=$PMDIR/rc.killdupes
INCLUDERC=$PMDIR/rc.killfile
INCLUDERC=$PMDIR/rc.from-me
INCLUDERC=$PMDIR/rc.subscriptions
INCLUDERC=$PMDIR/rc.whitelist
INCLUDERC=$PMDIR/rc.viruses
INCLUDERC=$PMDIR/rc.bogofilter
INCLUDERC=$PMDIR/rc.sms-cell-phone
~/Procmail/rc.killdupes
Simple script which kills duplicate messages. Taken from
"man 5 procmailex".
~/Procmail/rc.killfile
Kills messages from people who I don't want to receive any mails.
~/Procmail/rc.from-me
Marks my messages as read.
~/Procmail/rc.subscriptions
Filter all my mailing lists to folders.
~/Procmail/rc.whitelist
#--- cut here ------------------------------------------------------
# remove fake headers
:0 fwh
* ^X-Whitelist
| formail -IX-Whitelist
# check if e-mail address is in my whitelist and add X-Whitelist header
:0fhw
* ? formail -x From: -x Sender: -x Reply-To: \
| egrep -is -f /home/users/kocurek/whitelist.txt
| formail -Y -f -A "X-Whitelist: yes"
# notify my mobile phone
:0 c
* !^FROM_DAEMON
* ^X-Whitelist: yes
| /usr/bin/sms 012345678 "$NEW_BODY"
# deliver directly to my mbox with no further filtering
:0:
* ^X-Whitelist: yes
/var/mail/kocurek
#--- cut here ------------------------------------------------------
Where ~/whitelist.txt looks like this:
email1@xxxxxxxxxxxxx
other@xxxxxxxxxxxxxx
etc...
One e-mail address per line.
~/Procmail/rc.viruses
Script taken from: http://agriroot.aua.gr/~nikant/nkvir/
~/Procmail/rc.bogofilter
The main part :-) bogofilter's home page:
http://bogofilter.sourceforge.net/
#--- cut here ------------------------------------------------------
# filter mail through bogofilter, tagging it as spam and
# updating the wordlists
:0fw
| bogofilter -u -e -p
# if bogofilter failed, return the mail to the queue, the MTA will
# retry to deliver it later
# 75 is the value for EX_TEMPFAIL in /usr/include/sysexits.h
:0e
{ EXITCODE=75 HOST }
# Below is a perl script checking Received: header IP in RBLs
# If IP address is on one of the RBLs then it adds X-Blacklisted header
# The script can be found at:
# http://qrnik.knm.org.pl/~qrczak/spam/check-mail-blacklists.pl
:0 hfw
| /home/users/kocurek/check-mail-blacklists.pl
# If mail's IP from Received: field is blacklisted in RBL and
# bogofilter thinks it's spam then it is spam :-) put it directly into
# spam folder (then one which I never look at).
:0:
* ^X-Bogosity: Yes
* ^X-Blacklisted: Yes
spam
# If bogofilter is 100% sure... then it is spam.
:0:
* ^X-Bogosity: Yes, tests=bogofilter, spamicity=1
spam
# some spam which we are not 100% sure about
# goes to probably-spam folder which I review once a week.
:0:
* ^X-Bogosity: Yes
* ^X-Blacklisted: No
probably-spam
#--- cut here ------------------------------------------------------
To not to be fully offtopic, here some mutt macros for bogofilter:
# mark letter as non-spam and update bogofilter's words database
macro index X "<enter-command>unset wait_key weed\n<pipe-entry>bogofilter
-Sn\n<enter-command>\ set wait_key weed\n<save-message>!\n" "mark as non-spam
and save to spool"
# mark as spam and update bogofilter's database
macro index S "<enter-command>unset wait_key weed\n<pipe-entry>bogofilter
-Ns\n<enter-command>set wait_key weed\n<save-message>=spam\ny" "mark as spam
and save to =spam"
These macros are useful if some mail would be wrongly classified.
I've never had false positive with bogofilter and only few false
negatives (so, I only had to press "S" on a message to correct
bogofilter's mistakes and teach it of course - that it was spam).
Ah, I'd forget, I have one PGP related question:
I wanted to add some uid (new e-mail address) to my public key.
I've added it (using adduid with gpg). Then I wanted to send this to
keyserver... I used "gpg --send-keys kocurek" command. And now:
http://pgp.mit.edu:11371/pks/lookup?search=kocurek%40zuzel.org&op=index
if you click on a kocurek@xxxxxxxxx or kocurek@xxxxxxxxxxxxxx address
I get funny-looking list of 4 addresses, all have the same keyID.
Did I do anything wrong?
Could anybody explain this to me?
PS Sorry for this offtopic
PPS 012345678 - it is not my cell phone number, please do not call :-)
--
kocurek